{"id":"https://openalex.org/W3125554345","doi":"https://doi.org/10.1109/tcad.2021.3052856","title":"Runtime Malware Detection Using Embedded Trace Buffers","display_name":"Runtime Malware Detection Using Embedded Trace Buffers","publication_year":2021,"publication_date":"2021-01-27","ids":{"openalex":"https://openalex.org/W3125554345","doi":"https://doi.org/10.1109/tcad.2021.3052856","mag":"3125554345"},"language":"en","primary_location":{"id":"doi:10.1109/tcad.2021.3052856","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcad.2021.3052856","pdf_url":null,"source":{"id":"https://openalex.org/S100835903","display_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","issn_l":"0278-0070","issn":["0278-0070","1937-4151"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090705662","display_name":"Rana Elnaggar","orcid":"https://orcid.org/0000-0002-9733-2938"},"institutions":[{"id":"https://openalex.org/I170897317","display_name":"Duke University","ror":"https://ror.org/00py81415","country_code":"US","type":"education","lineage":["https://openalex.org/I170897317"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Rana Elnaggar","raw_affiliation_strings":["Duke University, Durham, NC, USA"],"affiliations":[{"raw_affiliation_string":"Duke University, Durham, NC, USA","institution_ids":["https://openalex.org/I170897317"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066320524","display_name":"Kanad Basu","orcid":"https://orcid.org/0000-0002-6431-7512"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kanad Basu","raw_affiliation_strings":["The University of Texas at Dallas, Richardson, TX, USA"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas, Richardson, TX, USA","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033880864","display_name":"Krishnendu Chakrabarty","orcid":"https://orcid.org/0000-0003-4475-6435"},"institutions":[{"id":"https://openalex.org/I170897317","display_name":"Duke University","ror":"https://ror.org/00py81415","country_code":"US","type":"education","lineage":["https://openalex.org/I170897317"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Krishnendu Chakrabarty","raw_affiliation_strings":["Duke University, Durham, NC, USA"],"affiliations":[{"raw_affiliation_string":"Duke University, Durham, NC, USA","institution_ids":["https://openalex.org/I170897317"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5059648257","display_name":"Ramesh Karri","orcid":"https://orcid.org/0000-0001-7989-5617"},"institutions":[{"id":"https://openalex.org/I57206974","display_name":"New York University","ror":"https://ror.org/0190ak572","country_code":"US","type":"education","lineage":["https://openalex.org/I57206974"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ramesh Karri","raw_affiliation_strings":["New York University, New York, NY, USA"],"affiliations":[{"raw_affiliation_string":"New York University, New York, NY, USA","institution_ids":["https://openalex.org/I57206974"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5090705662"],"corresponding_institution_ids":["https://openalex.org/I170897317"],"apc_list":null,"apc_paid":null,"fwci":0.7717,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.69302761,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":98},"biblio":{"volume":"41","issue":"1","first_page":"35","last_page":"48"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8502441644668579},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8251980543136597},{"id":"https://openalex.org/keywords/debugging","display_name":"Debugging","score":0.7013909816741943},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.6835403442382812},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6352927088737488},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5661848187446594},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4443676769733429},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.29583868384361267}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8502441644668579},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8251980543136597},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.7013909816741943},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.6835403442382812},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6352927088737488},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5661848187446594},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4443676769733429},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.29583868384361267}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tcad.2021.3052856","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcad.2021.3052856","pdf_url":null,"source":{"id":"https://openalex.org/S100835903","display_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","issn_l":"0278-0070","issn":["0278-0070","1937-4151"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6899999976158142}],"awards":[{"id":"https://openalex.org/G3500161517","display_name":null,"funder_award_id":"1526405","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4504682262","display_name":null,"funder_award_id":"2011561","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G634349292","display_name":null,"funder_award_id":"1513130","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W640073161","https://openalex.org/W1629811776","https://openalex.org/W1915206808","https://openalex.org/W1959818661","https://openalex.org/W1968519345","https://openalex.org/W1981868262","https://openalex.org/W2030660170","https://openalex.org/W2032281403","https://openalex.org/W2042191662","https://openalex.org/W2060300932","https://openalex.org/W2066387260","https://openalex.org/W2078353671","https://openalex.org/W2122672392","https://openalex.org/W2125011234","https://openalex.org/W2125743503","https://openalex.org/W2141624968","https://openalex.org/W2183310907","https://openalex.org/W2591830932","https://openalex.org/W2603281976","https://openalex.org/W2606250847","https://openalex.org/W2606722458","https://openalex.org/W2762618135","https://openalex.org/W2768773469","https://openalex.org/W2794801050","https://openalex.org/W2807415350","https://openalex.org/W2901508923","https://openalex.org/W2934053005","https://openalex.org/W2962832406","https://openalex.org/W2979151900","https://openalex.org/W2990257819","https://openalex.org/W2993580201","https://openalex.org/W3007346474","https://openalex.org/W3116954642","https://openalex.org/W4247833239","https://openalex.org/W4253751283","https://openalex.org/W6631261549","https://openalex.org/W6639864006","https://openalex.org/W6640826072","https://openalex.org/W6686378273","https://openalex.org/W6718890697"],"related_works":["https://openalex.org/W1966145327","https://openalex.org/W2068239131","https://openalex.org/W2978026406","https://openalex.org/W2388687068","https://openalex.org/W4256495946","https://openalex.org/W2399091034","https://openalex.org/W2351581202","https://openalex.org/W2366922255","https://openalex.org/W2114320580","https://openalex.org/W1999657508"],"abstract_inverted_index":{"Anti-virus":[0],"software":[1],"(AVS)":[2],"tools":[3],"are":[4,14],"used":[5,39,83],"to":[6,16,25,62,92,119],"detect":[7,63,146],"malware":[8,41,49,64,121,132,147],"in":[9,76],"a":[10,56,71,100,158],"system.":[11],"However,":[12],"AVS":[13],"vulnerable":[15],"attacks.":[17],"A":[18],"malicious":[19],"entity":[20],"can":[21,145],"exploit":[22],"these":[23,112],"vulnerabilities":[24],"subvert":[26],"the":[27,96,107,135],"AVS.":[28],"Recently,":[29],"hardware":[30,34,73],"components":[31],"such":[32],"as":[33],"performance":[35,142],"counters":[36],"have":[37],"been":[38],"for":[40,84,131],"detection.":[42],"In":[43],"this":[44],"article,":[45],"we":[46],"propose":[47],"preempts":[48],"by":[50,65,106],"examining":[51],"embedded":[52,67],"processor":[53],"traces":[54],"(PREEMPT),":[55],"zero":[57],"overhead,":[58],"high-accuracy,":[59],"low-latency":[60],"technique":[61],"repurposing":[66],"trace":[68],"buffer":[69],"(ETB),":[70],"debug":[72,88],"component":[74],"available":[75],"most":[77],"modern":[78],"processors.":[79],"The":[80,126],"ETB":[81,130],"is":[82,104],"postsilicon":[85],"validation":[86],"and":[87,89,94,140],"allows":[90],"us":[91],"control":[93],"monitor":[95],"internal":[97],"activities":[98],"of":[99,128,160],"chip,":[101],"beyond":[102],"what":[103],"provided":[105],"input/output":[108],"pins.":[109],"PREEMPT":[110,144],"combines":[111],"hardware-level":[113],"observations":[114],"with":[115,157],"machine":[116],"learning-based":[117],"classifiers":[118],"preempt":[120],"before":[122],"it":[123],"causes":[124],"damage.":[125],"benefits":[127],"reusing":[129],"detection":[133],"include":[134],"increased":[136],"robustness":[137],"against":[138],"attacks":[139],"no":[141],"penalties.":[143],"on":[148],"an":[149],"OpenSPARC":[150],"T1":[151],"core":[152],"running":[153],"Linux":[154],"operating":[155],"system":[156],"F1-score":[159],"96.6%.":[161]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":3}],"updated_date":"2026-04-11T08:14:18.477133","created_date":"2025-10-10T00:00:00"}